A Mysterious Virus Has Infiltrated America's Drone Program

There’s something deeply wrong at Creech Air Force Base, the notorious home of America’s drone program, where pilots remotely order US Reaper and Predator drones to unleash destructive missile strikes on unsuspecting villagers in Yemen, Libya, Iraq, Syria, Afghanistan and other war zones.

Less than a week after the Department of Homeland Security advised all federal agencies using anti-virus software created by Kaspersky Labs to remove the programs from their systems immediately, Ars Technica reports that two weeks ago the Defense Information Systems Agency detected mysterious spyware embedded in the drone “cockpits” – the control stations that pilots use to control the deadly machines.

Investigators have been unable to determine the virus’s provenance, or even if it was intentionally introduced to the drone systems, or the result of an accidental infection. But perhaps the virus’s most perplexing feature is its passivity. Instead of hastening away reams of classified information, it has simply logged keystrokes.

More curious still, the virus has resisted all attempts to remove it from the Air Force’s systems.

The virus, first detected nearly two weeks ago by the military’s Host-Based Security System, has not prevented pilots at Creech Air Force Base in Nevada from flying their missions overseas. Nor have there been any confirmed incidents of classified information being lost or sent to an outside source. But the virus has resisted multiple efforts to remove it from Creech’s computers, network security specialists say. And the infection underscores the ongoing security risks in what has become the US military’s most important weapons system.


“We keep wiping it off, and it keeps coming back,” says a source familiar with the network infection, one of three that told Danger Room about the virus. “We think it’s benign. But we just don’t know.”


Military network security specialists aren’t sure whether the virus and its so-called “keylogger” payload were introduced intentionally or by accident; it may be a common piece of malware that just happened to make its way into these sensitive networks. The specialists don’t know exactly how far the virus has spread. But they’re sure that the infection has hit both classified and unclassified machines at Creech. That raises the possibility, at least, that secret data may have been captured by the keylogger, and then transmitted over the public internet to someone outside the military chain of command.

As Ars notes, drones have become America’s weapon of choice for waging stealth warfare across the Middle East and Africa, a fact that was underlined by the killing of four US green berets in Niger earlier this week. The military advisers were serving at a waystation for American drones that were used to carry out attacks on nearby Al Qaeda affiliates.

Drones have become America’s tool of choice in both its conventional and shadow wars, allowing US forces to attack targets and spy on its foes without risking American lives. Since President Obama assumed office, a fleet of approximately 30 CIA-directed drones have hit targets in Pakistan more than 230 times; all told, these drones have killed more than 2,000 suspected militants and civilians, according to the Washington Post. More than 150 additional Predator and Reaper drones, under US Air Force control, watch over the fighting in Afghanistan and Iraq. American military drones struck 92 times in Libya between mid-April and late August. And late last month, an American drone killed top terrorist Anwar al-Awlaki — part of an escalating unmanned air assault in the Horn of Africa and southern Arabian peninsula.

And while they represent America’s most sophisticated weaponry in the never-ending war on terror, the drone program has well-known security flaws. Last fall, the US Air Force investigated a secure network outage in early September at Creech. Around the time of the outage, there were three incidences of drones striking three unintended targets. The Air Force said it was just a coincidence. 

But despite their widespread use, the drone systems are known to have security flaws. Many Reapers and Predators don’t encrypt the video they transmit to American troops on the ground. In the summer of 2009, US forces discovered “days and days and hours and hours” of the drone footage on the laptops of Iraqi insurgents. A $26 piece of software allowed the militants to capture the video.

Authorities believe the virus was spread by the use of remote drives used by technicians to upload maps and other data to the drone piloting systems, which are “air gapped” from the rest of the Air Force’s systems.

Use of the drives is now severely restricted throughout the military. But the base at Creech was one of the exceptions, until the virus hit. Predator and Reaper crews use removable hard drives to load map updates and transport mission videos from one computer to another. The virus is believed to have spread through these removable drives. Drone units at other Air Force bases worldwide have now been ordered to stop their use.

But given the hysteria surrounding Kaspersky’s software allegedly being used as a tool for espionage by the Russian government, how long until this breach is connected with a broader narrative about Russian hackers trying to destabilize American society?

Or, worse – how much longer until a malicious actor manages to seize control of America’s drone program and harness its destructive capabilities for its own ends?


jeff montanye 07564111 Mon, 10/09/2017 - 06:13 Permalink

you might very well be on it.  israel has at least two good reasons to introduce spyware into the u.s. drone program.  the u.s. (and britain) have been spying on the israeli drone program for years and russiagate in all its manifestations is a favorite hobby horse of the neocons, none of whom will ever forgive putin's eviction of the jewish zionist oligarchs that had reached such control of russia after yeltsin's tenure:https://www.google.com/search?client=safari&rls=en&q=what+israeli+softw…

In reply to by 07564111

Veritas X- jeff montanye Mon, 10/09/2017 - 06:54 Permalink

"But perhaps the virus’s most perplexing feature is its passivity. Instead of hastening away reams of classified information, it has simply logged keystrokes. More curious still, the virus has resisted all attempts to remove it from the Air Force’s systems..." You're on-the-ball there jeff-m.Nice to see someone understands the dynamics of the Is-a-hell connection:*Operation Talpiot* and  Palantir Software-  (((Peter Thiel))) are good places to start according to the Qui Bono principle.https://duckduckgo.com/?q=Peter+Thiel%27s+Palantir+Technologie&t=ffcm&i… Operation Talpiot - Israel Has Kill Switches In Key Country ...https://duckduckgo.com/?q=Operation+Talpiot&t=ffcm&ia=webX-

In reply to by jeff montanye

Keyser quadraspleen Mon, 10/09/2017 - 05:30 Permalink

Yep, big brother has been looking over the shoulder of Windoz users for decades... Most don't realize it or care... It's the "I haven't done anything wrong, why should I care" crowd giving away all of their internet activity, free of charge to big brother... There is a reason that all internet browers are free and it's not because the manufacturers are feeling generous... 

In reply to by quadraspleen

Lucretius quadraspleen Mon, 10/09/2017 - 10:33 Permalink

Q, you killed it, windoze IS a virus!!!"better serve your needs and tailor your experience" is just verbal fellatio to stroke your ego as you are ass raped by Gates/Spooks and Co.Linux bitchez, it is free, stable and as secure as you can get. Starve the beasts! I've been gone since XP-pro quit, and will never go back. I take personal satisfaction in helping friends and neighbors get that nasty f'kn virus off their systems!L.

In reply to by quadraspleen

Anteater Mon, 10/09/2017 - 02:53 Permalink

The Pentagon was hacked in 2012 of all military and civilianemployee data. In 2013, all mercenary contractor data wasalso hacked. It is estimated that in the 15 years since SecDefRumsfeld admitted that $2.3T was missing at the Pentagon,that number has now risen to $21T, near our National Debt.A drone virus is nothing compared to $54B that Pentagonblew out their 2017 budget in just seven months. A dronevirus is nothing compared to the $745B the Pentagon willburn through in 2018. Before Trump leaves, it will be $1T,and not one cent of your last life savings is coming back.

Rapunzal Friedrich not Salma Mon, 10/09/2017 - 08:06 Permalink

Thanks for the link. So I have friends in high places and they tell me that most of the lost money ends up being used building underground bunker systems. They are top secret they won't be used for the people. They will be only for the parasitic elites and the MIC. Interesting that the HUD is involved in that kind of the section 8 for the elites. A brown dwarf is coming closer to our solar system and a pole shift is possible. They are preparing for this shit show on earth.

In reply to by Friedrich not Salma

bluskyes Mon, 10/09/2017 - 02:56 Permalink

The keys to the armoury are being copied as we speak. The kingdom has fallen, its just a matter of when the new masters formally introduce themselves.

David Wooten Mon, 10/09/2017 - 02:56 Permalink

"There’s something deeply wrong at Creech Air Force Base, the notorious home of America’s drone program..."LOL Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha Ha! 

Keyser mkkby Mon, 10/09/2017 - 05:25 Permalink

Probably just bullshit advertising malware from the manufacturer of the flash drives... Vendors have been infamous for embedding this crap on their products for years, which causes it to install itself on any machine it comes in contact with... People would be amazed just what the hell is running on their systems without their knowledge... 

In reply to by mkkby